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DETAILED ACTION 

1 . This action is responsive to communication: 28 September 2005 with acknowledgement 
of an original application filing date of 1 1 October 2001. 

2. Claims 1-7, 9-16, and 21-28 are currently pending in this application. Claims 1 and 9 are 
independent claims. Claims 1, 3, 4, 5, 9, 13, 14, and 15 have been amended. Claims 21-28 are 
new. Claims 8, and 17-20 have been cancelled. Amendments to the claims and specification are 
accepted. 

Response to Arguments 

3. Applicant's arguments with respect to 1-7, 9-16, and 21-28 have been considered but they 
are not persuasive when noted below; arguments not noted are moot due to the new grounds for 
rejection initiated by amendment to the claims. 

In response to applicant's argument beginning on page 11, ''Claim 5 recites ''wherein 
said lock control device is connected to said computer or computer terminal via connection that 
also connects a keyboard to said computer or computer terminal " The subject matter is neither 
taught nor suggested by Gulick*\ The Office disagrees with argument Gulick does teach this 
limitation in col. 1, lines 57-65 and col. 2, lines 30-67, which explains how the south bridge 1 12 
is used to interface devices to the rest of a computer system, such as a keyboard and how the 
invention is a device to protect the security of software and devices. 

In response to applicant's argument on page 11, "Claim 6 recites "wherein said lock 
control device controls access to a particular application residing on said computer or 
accessible through said computer terminal. " This portion of Gulick, however, does not teach or 
suggest that a lock control device connected to a computer or computer terminal is used to 
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control access to a particular application residing on that computer or accessible through the 
computer terminar. The Office disagrees with argument, Gulick does teach this Hmitation in 
col. 7, lines 3 1-46, which describes how 'security operations' which is interpreted to be a 
specific application are secured in the secure execution mode (SEM). 

In response to applicant's argument on page 1 1, ''Claim 7 recites ''a computer network 
with at least one network server to which said computer is connected, wherein said lock control 
device controls access to said network server from said computer "... Nowhere does Gulick 
teach or suggest the claimed subject matter in which a lock control device attached to a 
computer controls access to a network server accessible from that computer''. The Office 
disagrees Gulick does teach the indicated limitation in col 48, line 32-36. Gullick indicates how 
the invention can be applied to a portable computer with a remote connection to a server. "The 
portable computer 5003 may include the logic 5007 and the timer 5009 shown in FIG39A". 

In response to applicant's argument on page 12, ''Blank does not teach or suggest 
anything about using proximity cards or magnetic cards in connection with controlled access to 
a piece of office equipment''. The Office disagrees with the argument for at least two reasons. 
First Gulick does show controlling access to computer hardware through the use of proximity 
cards see col. 8, lines 12-33, the smart card reader is interpreted to have the same meaning as a 
proximity card. Blank was introduced as part of the 103 rejection because it utilized the exact 
term as claimed and shows that smart cards have the same meaning as "proximity cards", see 
Blank col. 9, lines 18-21. 
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Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by the manner in which 
the invention was made. 

5. Claims 1, 2, 5, 6, 7, 9, 10, 15, 16, 24, and 28, are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Gulick et al. U.S. Patent No. 6,823,451 (hereinafter '451) in further 
view of Shaffer et al. U.S. Patent No. 6,145,083 (hereinafter '083). 

As to independent claim 9, "A method for controlling use of a piece of office 
equipment or a particular resource available through that piece of equipment, said method 
comprising:" is taught in '451 col. 8, Unes 13-56; 

"re-enabling operation of said piece of office equipment or a resource available 
through that office equipment to an authorized user upon presentation of an identifier of 
said authorized user to a sensor of a lock control device connected to said piece of office 
equipment, Avherein said sensor senses and recognizes said identifier to identify said 
authorized user" is taught in '451 col. 8, Unes 46-56 and col. 9, lines 26-42; 
the following is not taught in '451 "timing a period during which said equipment receives no 
user input and placing said equipment or a resource available through said equipment into 


Application/Control Number: 09/976,068 Page 5 

Art Unit: 2134 

a locked state upon elapse of a pre-determined period during which no user input is 

received" however '083 teaches "In a first step, the computing device is configured to switch the 
device from a normal operative mode to a locked mode in response to detection of a preset 
condition, such as the expiration of an idle-time timer. Thus, if the computer remains idle for a 
preselected period of time, a computing device is switched to a locked mode that establishes a 
security condition with respect to data access capabilities and communication access capabilities. 
The computing device remains in the locked mode until a preset authorization condition is 
recognized. This preset authorization condition may be the entering of a password, but other 
authentication procedures may be required, e.g., a voiceprint recognition" in col. 2, lines 55-67. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to modify the teachings of '451 a device for security and manageability to include a means to 
time a period during which no user input is received and placing the equipment into a locked 
state. One in the art would have been motivated to perform such a modification to improve the 
ability to protect a computer system (see '083 col. 2, lines 6 et seq.) "A concern is that the use of 
a TOL application is inconsistent with screen saver applications. As noted above, if a computer 
remains idle for a selected period of time, the resources of the computer may be automatically 
locked to ensure data security. However, this locked mode disables the TOL application. 
Consequently, a person may not receive notification of an incoming call. Optionally, the TOL 
application may be dominant, so that an incoming call will override the screen saver. In this case, 
the security provided by the screen saver appHcation is compromised. A person intent on 
accessing data of an unoccupied computer can unlock the resources of the computer merely by 
calling the computer from a second computer in the same area. As another alternative, the screen 
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saver application may be dominant, so that the input of a password is required in order to access 
an incoming call. While this alternative ensures that an unattended computer is not unlocked by 
an incoming call, it requires that a user quickly enter the password into a computer that is the 
target of a business call and that is in the locked mode, or the business call will be missed". 

As to dependent claim 10, "wherein said piece of office equipment is a computer or 
computer terminal" is shown in '451 col. 8, lines 13-56, 

As to dependent claim 13, "further comprising connecting said lock control device 
to said computer or computer terminal via a connector that also connects a keyboard to 
said computer or computer terminal" is disclosed in '451 col. 8, lines 46-56 and '451 col. 1, 
lines 57-65 

As to dependent claim 14, "further comprising accessing a particular application 
residing on said computer or accessible through said computer terminal by presenting an 
identifier of said authorized user to said sensor of said lock control device" is taught in '451 
col. 7, Hnes 31-46. 

As to dependent claim 15, "further comprising accessing a network server on a 
computer network to which said computer is connected by presenting an identifier of said 
authorized user to said lock control device" is shown in '451 col. 47, line 59 through col. 48, 
line 3. 

As to dependent claim 16, "further comprising: timing periods during which said 
computer or computer terminal receives no user input; locking up or logging out said 
computer upon elapse of a pre-determined period during which no user input is received; 


Application/Control Number: 09/976,068 Page 7 

Art Unit: 2134 

and unlocking or logging in said computer upon operation of said lock control device" is 

disclosed in '451 col. 9, lines 4-43. 

As to dependent claim 28, wherein said identifier comprises a biological 

characteristic of said user" is shown in '451 col. 8, lines 46-56. 

As to independent claim 1, this claim is directed to the system of the method of claim 9, 
therefore it is rejected along similar rationale. 

As to dependent claims 2, 5-7, and 24, these claims contain substantially similar subject 
matter as claims 10, 13-15, and 28; therefore they are rejected along similar rationale. 

6. Claims 3, 4, 11, 12, 19, 23, and 27, are rejected under 35 U.S.C. 103(a) as being 
unpatentable over '451 in further view of '083 in further view of Blank U.S. Patent No, 
6,089,611 (hereinafter '611). 

As to dependent claim 11, the following is not taught in '451 and '083 "further 
comprising using a proximity card sensor as said lock control device" however '61 1 teaches 
"An exemplary, non-limiting list of non-visibly identifiable indicia suitable for use in accordance 
with this embodiment of the invention includes magnetic strips, "biometric" identifying indicia 
such as fingerprint codes, photo retina IDs, surface-combined or embedded computer chips (such 
as those that emit electromagnetic radiation such as radio-frequency radiation that can be read by 
a nearby card reader), UV-light readable coding, proximity indicia of the contact and contactless 
type (i.e., cards including magnetic or electronic characteristics, which when brought into contact 
or nearly into contact with a reader can be read; so-called smart cards or proximity cards), 
holographic indicia such as three-dimensional holograms, and other types of non-visibly 
identifiable, encrypted indicia" in col. 9, lines 8-23. 
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It would have been obvious to one of ordinary skill in the art at the time of the invention 
to modify the teachings of '451 and '083 a device for security and manageability to include a 
means to utilize a proximity sensor. One in the art would have been motivated to perform such a 
modification to eliminate the need for multiple and lengthy identification systems (see '61 1 col. 
3 lines 48 et seq.) "Accordingly, the present invention is directed to solving the problem of the 
lengthy and multiple step process associated with registration of holders of cards provided by the 
prior art systems by providing a method and apparatus for instantly registering a holder of such 
cards". 

As to dependent claim 12, "further comprising using a magnetic card reader as said 
lock control device" is shown in '451 col. 9, lines 8-23. 

As to dependent claim 27, "wherein said identifier comprises a credit card" is 
disclosed in '61 1 col. 6, lines 50-64. 

As to dependent claims 3, 4 and 23, these claims contain substantially similar subject 
matter as claims 11, 12, and 27; therefore they are rejected along similar rationale. 
7. Claims 21, 22, 25, and 26, are rejected under 35 U.S.C. 103(a) as being unpatentable 
over '451 in further view of '083 in further view of Stoltz et al U.S. Patent No. 6,615,264 
(hereinafter '264611). 

As to dependent claim 25, the following is not taught in '451 and '083 "further 
comprising : initially unlocking said computer or computer terminal with entry of at least 
one password; and allowing a user to subsequently unlock said computer or computer 
terminal by presentation of said user identifier rather than re-entry of said at least one 
password" however '264 teaches "Further, it should be apparent that embodiments of the 
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invention can be used wherein no authentication of a user is performed. For example, in a trusted 
or secure environment there may be no need to verify the authenticity of a user. In one or more 
embodiments of the invention, a user is connected to a session only after being authenticated by 
authentication manager 204 or authentication modules 240. In such an embodiment, an 
authentication module 240 may authenticate all users merely when presented with a token or 
when any name is typed into a login session, for example. Thus, the user only needs to provide 
an identification (e.g., userlD) or the terminal only needs to present a token. Consequently, if the 
user provides a valid userid (which may be designated as any id or any token), the user is given 
access to the session that is associated with the userlD (or token). Such tokens may be utilized to 
keep track of session to token mappings so that if a user switches terminals, the appropriate 
session to transmit to the terminal may be determined merely by checking the mapping" in col. 
19, line 65 through col. 20 line 10. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to modify the teachings of '45 1 and '083 a device for security and manageability to include a 
means utilize a presentation of an identifier. One in the art would have been motivated to 
perform such a modification because the prior solutions do not provide a means to a flexible and 
user friendly means to control access to resources (see '264 col. 1 lines 26 et seq.) "The 
paradigms by which computer systems have been configured have changed overtime ... Each 
time a user switches a terminal, the user must be authenticated to work at new terminal. Various 
authentication mechanisms may be utilized such as a user name and password, biometric 
information (e.g., fingerprint or retinal scan), a smart card, etc. Different types of sessions need 
to be supported at different terminals by varying users. The prior art does not provide a 
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satisfactoiy means to authenticate a user and control access to available network 
services/sessions and terminals based on the authentication". 

As to dependent claim 26, ^'further comprising unlocking said computer or 
computer terminal with said identifier for a predetermined period after entry of said at 
least one password, with re-entry of said password being required thereafter" is shown in 
'264 col. 7, lines 27-36 "Using embodiments of the invention, the use of a particular service may 
also be terminated if desired. For example, after a designated time period, a user's authentication 
may no longer be valid and such invalidity may act to terminate a session. Alternatively, a user 
may be requested to reauthenticate themselves every so often to ensure only authorized users are 
permitted access. Should a reauthenti cation attempt fail, a session may be terminated 
immediately". 

As to dependent claims 21 and 22, these claims contain substantially similar subject 
matter as claims 25 and 26; therefore they are rejected along similar rationale. 

Conclusion 

8. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Heath et al U.S. Patent No. 5,553,239 issued dated: Sep. 3, 1996 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as 
set forth in 37 CFR 1. 136(a). A shortened statutory period for reply to this final action is set to 
expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed 
within TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened 
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statutoiy period will expire on the date the advisory action is mailed, and any extension fee 
pursuant to 37 CFR 1. 136(a) will be calculated from the mailing date of the advisory action. In 
no event, however, will the statutory period for reply expire later than SIX MONTHS from the 
mailing date of this final action. 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ellen C Tran whose telephone number is 
(571) 272-3842. The examiner can normally be reached from 6:00 am to 2:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory A Morse can be reached on (571) 272-3838. The fax phone number for the 
organization where this application or proceeding is assigned is (571) 273-8300, 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 


Ellen Tran 
Patent Examiner 
Technology Center 2134 
15 December 2005 



